Computer user may use a web browser on the user's personal computer to complete an online transaction (e.g. effect payment for goods/services, transfer funds between financial accounts or institutions) at a website. However, rogue software installed on the personal computer may be designed to wait until the end-user successfully authenticates to the website, and to intercept and manipulate transaction data (e.g. payment amount, financial account) transmitted from the browser before it reaches the website and/or confirmation data (e.g. payment amount, financial account, merchant name) transmitted from the website before it reaches the browser. For example, the rogue software may change the transaction data transmitted from the browser to instruct the website to transfer “$5000 to account Y” instead of the intended transfer of “$500 to account X”. To prevent the end-user from immediately detecting the altered transaction, the rogue software may also modify the confirmation data transmitted from the website to confirm the intended transfer of “$500 to account X” instead of the actual transfer of “$5000 to account Y”.